That’s a wrap on another Blackhat

Blog AWS Security Cloud Infrastructure Cloud Security

Blackhat 2024 wrapped up last week and we had quite a show! We advanced our Purple Team, creating a new asset for our partners to advance their sales and spread the news on Skyhawk, discussed our automated response capabilities with prospects, which is a clear differentiator, and had great conversations at the booth! 

Free Purple Team Assessment finds threats in one hour 

At re: Invent, we announced the Purple Team and at Blackhat, we announced the free Purple Team Assessment. In just one hour, Skyhawk Security will collect logs, telemetry, and other information to identify the threats within your cloud, and then prioritize them by the business value of the asset that the threat makes vulnerable. This information ensures organizations can address the issues that would cause the greatest harm to the business. The Purple Team Assessment predicts where threat actors will go, so those issues can be fixed to prevent the cloud breach. 

If you would like to get more information on the free assessment, fill out the form on the page. 

Automated response is a clear differentiator 

Skyhawk Security’s automated response enables organizations to leverage automation safely and effectively. With the AI-based purple team, you can see what the AI-red team simulated to get to your crown jewels. The platform will then create an automated response to stop the threatening behavior. Everything is verified in the AI simulation, so security teams can confidently leverage the response. Check out the blog for more. 

Top Questions at the booth 

  • What do you mean when you say purple team? 
    • We say Purple Team because we have a red team and a blue team “fighting” each other and these blend to create the purple team. These are completely AI-based teams and the execution of the “fight” happens in a Simulation Twin so it will not impact production. The purple team leverages business priority rules and automation to identify the crown jewel assets that if breached, would cause damage to your company. We prioritize threats based on the business value of the asset so you know what to fix first. Check out the Purple Team page for more information. 
  • What is the Purple Team Assessment? What does that mean? 
    • If you give us one hour, we can help you identify threats in your cloud and then prioritize them based on the business value of the effort. Check out our press release for more information. At the end of the assessment, we will give you a report to clearly communicate to senior leadership how the Purple Team will help you. This is a completely free assessment. 
  • How many people are part of the red team and the blue team? 
    • We do not have a red team or blue team staffed with people, it is all AI-based. Check out this 3-minute video to learn more about the purple team and how we use AI that is continuously running to find weaknesses in the cloud attack surface to prioritize and fix threats. The team at Gestalt IT also mention how using AI for red and blue teaming is a great use case. 
  • How do you collect the data? Is it agents? 
    • We do not use agents. We collect data from logs, telemetry, even security tools like AWS GuardDuty. We sort through all this information and correlate it into an attack sequence, weeding out benign events and focusing on what is a threat. Alerts from Skyhawk need your attention. They are verified alerts. 
  • Will this help with alert fatigue? 
    • Yes! As stated, Skyhawk Synthesis Security Platform sorts through thousands of events, logs, telemetry, and input from other security tools and surfaces verified alerts. In this blog, you can see a real customer environment where the platform sorted through 60,000 events to deliver 50 verified alerts. SOC teams are overwhelmed if they are presented with 60K events, but they can address 50 verified alerts. 
  • What is used for threat detection? Is it just patterns? 
      • To prevent drift 
      • To ensure that threat actors cannot reverse engineer them 
      • And finally, to ensure that as your cloud architecture evolves and changes, the threat detection models are also aligned to ensure your cloud security is aligned with the cloud architecture. 

 

Action at the booth.  

Thanks to the Cloud Security Alliance, we had a Certificate of Cloud Security Knowledge (CCSK) to raffle off at the booth. Congratulations to the winner! We had many very good conversations, and several security experts were very interested in the AI-based Autonomous Purple Team, and seeing the report from the Assessment showed that this is real. We look forward to following up with everyone who stopped by the booth!  

 

Blog

Re:Invent has come to a close and we had a great week! We kicked off the week with our product announcement. Did you know that most threat actors (70%) are logging into the cloud – they are not “breaking in”.

Cloud BreachCloud SecurityThreat Detection
Blog

Skyhawk Security is proud to announce the expansion of its cloud threat detection and response capabilities with Interactive CDR. This new capability expands the team that can verify if an activity is malicious or not, by going to the alleged

AICloud BreachCloud SecurityThreat Detection
Blog

Skyhawk Security announces the availability of new features and integrations of its Autonomous Purple Team, aimed at extending detection and improving security validation as well as pre-validating threat detection alerts, to effectively manage the security of your cloud. The company

AICloud BreachCloud SecurityThreat Detection
Blog

By Asaf Shahar, VP, Product at Skyhawk Security Securing cloud environments presents unique challenges due to their constantly evolving nature. CERT-IL’s alert on public cloud threats (ALERT-CERT-IL-W-1810) underscores common vulnerabilities—exposed credentials, service misconfigurations, and inadequate tenant isolation—frequently exploited by attackers.

AICloud BreachCloud SecurityThreat Detection
Blog

By Asaf Shahar, VP, Product at Skyhawk Security As cloud security strategies evolve, attackers are staying a step ahead, moving beyond traditional credential theft tactics like phishing to adopt more sophisticated methods- some of which we’ve witnessed in the past.

AICloud BreachCloud SecurityThreat Detection
Blog

AWS re:Invent is less than a month away – stop by booth #2152 to learn about Skyhawk Security and our award-winning AI-based Autonomous Purple Team. With Skyhawk’s Continuous Proactive Protection, our customers have realized: Significant Time Gains: Our customer has

AICloud BreachCloud SecurityThreat Detection

Thanks For Reaching Out!

One of our expert will get back to you
promptly at asafshachar@gmail.com

See the Purple Team
See the breach before it happens
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.